Hybrid Join GPO

%3CLINGO-SUB%20id%3D%22lingo-sub-559605%22%20slang%3D%22en-US%22%3EHybrid%20Join%20GPO%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-559605%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20friends%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20need%20a%20little%20help.%3C%2FP%3E%3CP%3EI%20would%20like%20to%20know%20exactly%20the%20difference%20between%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CSTRONG%3ERegister%20domain%20joined%20computer%20as%20device%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3Eand%3C%2FP%3E%3CP%3E%3CSTRONG%3EEnable%20automatic%20MDM%20enrollment%20using%20default%20Azure%20AD%20credentials%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20can%20see%20some%20devices%20in%20my%20environment%20with%20windows%2010%201709%20version%20that%20not%20enroll%20device%20as%20hybrid.%20I%20already%20configured%26nbsp%3B%3CSTRONG%3EEnable%20automatic%20MDM%20enrollment%20using%20default%20Azure%20AD%20credentials%26nbsp%3B%3C%2FSTRONG%3Eand%20in%20my%20opinion%20that%20was%20enough%20to%20enroll%20devices%20as%20hybrid.%3C%2FP%3E%3CP%3EAm%20I%20doind%20something%20wrong%20or%20I%20really%20need%20both%20GPO's%20configured%20in%20my%20tenant%20%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-559605%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-560159%22%20slang%3D%22en-US%22%3ERE%3A%20Hybrid%20Join%20GPO%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-560159%22%20slang%3D%22en-US%22%3ERegister%20domain%20joined%20computer%20as%20device%20is%20used%20when%20you%20are%20controlling%20the%20rollout%20of%20Hybrid%20AD%20Join.%20Enable%20Automatic%20MDM%20Enrollment%20using%20default%20Azure%20AD%20Credentials%20is%20the%20GPO%20which%20will%20auto%20enrol%20the%20device%20into%20Intune%20(Providing%20it%20is%20Hybrid%20AD%20Joined)%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-563403%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Hybrid%20Join%20GPO%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-563403%22%20slang%3D%22en-US%22%3E%3CP%3ESo%20if%20I%20already%20use%20one%20of%20them%20in%20my%20case%20automatic%20mdm%20enrollment%2C%20it's%20not%20necessary%20use%20both%3F%20is%20it%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
Paulo Silva
Contributor

Hello friends,

 

I need a little help.

I would like to know exactly the difference between:

 

 Register domain joined computer as device

and

Enable automatic MDM enrollment using default Azure AD credentials

 

I can see some devices in my environment with windows 10 1709 version that not enroll device as hybrid. I already configured Enable automatic MDM enrollment using default Azure AD credentials and in my opinion that was enough to enroll devices as hybrid.

Am I doind something wrong or I really need both GPO's configured in my tenant ?

 

Thanks

2 Replies
Register domain joined computer as device is used when you are controlling the rollout of Hybrid AD Join. Enable Automatic MDM Enrollment using default Azure AD Credentials is the GPO which will auto enrol the device into Intune (Providing it is Hybrid AD Joined)

So if I already use one of them in my case automatic mdm enrollment, it's not necessary use both? is it ?